CVE-2025-36438

Published: Mar 25, 2026 Last Modified: Mar 25, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,1

Source: [email protected]

Attack Vector: local

Attack Complexity: high

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: high

Availability: none

Description

AI Translation Available

IBM Concert 1.0.0 through 2.2.0 could allow a privileged user to perform unauthorized actions due to improper restriction of channel communication to intended endpoints.

923

Improper Restriction of Communication Channel to Intended Endpoints

Incomplete

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Confidentiality

Potential Impacts:

Gain Privileges Or Assume Identity

Applicable Platforms

Technologies: Not Technology-Specific, Web Based, Web Server

View CWE Details

https://www.ibm.com/support/pages/node/7267105

CVE-2025-36438

Description

Improper Restriction of Communication Channel to Intended Endpoints

Common Consequences

Applicable Platforms

Iscriviti alla newsletter